This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/53U4m7unV2mibWFu1QO-NpnrTnw.roa File: 53U4m7unV2mibWFu1QO-NpnrTnw.roa (raw, json) Hash identifier: 0i1ZcWrwIpK4hLghAwyHvwSPfTHGRkTgHaWZ5gxvSPY= Subject key identifier: E7:75:38:9B:BB:A7:57:69:A2:6D:61:6E:D5:03:BE:36:99:EB:4E:7C Certificate issuer: /CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b Certificate serial: 019B7E393342D810D61ED2FF39265B656C46 Authority key identifier: 31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/53U4m7unV2mibWFu1QO-NpnrTnw.roa Signing time: Fri 02 Jan 2026 10:20:36 +0000 ROA not before: Fri 02 Jan 2026 10:20:36 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 31365 IP address blocks: 85.115.206.0/24 maxlen: 24 85.115.207.0/24 maxlen: 24 85.153.1.0/24 maxlen: 24 85.153.2.0/24 maxlen: 24 85.153.3.0/24 maxlen: 24 85.153.4.0/24 maxlen: 24 85.153.5.0/24 maxlen: 24 85.153.6.0/24 maxlen: 24 85.153.7.0/24 maxlen: 24 85.153.8.0/24 maxlen: 24 85.153.9.0/24 maxlen: 24 85.153.10.0/24 maxlen: 24 85.153.33.0/24 maxlen: 24 85.153.43.0/24 maxlen: 24 85.153.47.0/24 maxlen: 24 85.153.56.0/24 maxlen: 24 85.153.58.0/24 maxlen: 24 85.153.65.0/24 maxlen: 24 85.153.74.0/24 maxlen: 24 85.153.75.0/24 maxlen: 24 85.153.76.0/22 maxlen: 22 85.153.80.0/24 maxlen: 24 85.153.93.0/24 maxlen: 24 85.153.112.0/24 maxlen: 24 85.153.115.0/24 maxlen: 24 85.153.116.0/24 maxlen: 24 85.153.117.0/24 maxlen: 24 85.153.118.0/24 maxlen: 24 85.153.120.0/24 maxlen: 24 85.153.121.0/24 maxlen: 24 85.153.122.0/24 maxlen: 24 85.153.123.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.crl rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.mft rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 10:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:39:33:42:d8:10:d6:1e:d2:ff:39:26:5b:65:6c:46 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b Validity Not Before: Jan 2 10:20:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e775389bbba75769a26d616ed503be3699eb4e7c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f3:d0:80:b1:24:fc:76:10:e9:5d:79:fc:a3:b4: 17:76:12:35:34:74:bc:b9:fa:72:90:52:8a:e2:30: 54:59:d7:78:09:5c:17:4d:bf:86:36:67:67:3c:6c: f7:10:57:39:0b:16:ce:f1:d9:cd:c0:6e:6a:47:a6: 1b:db:d7:65:13:2c:cd:dc:6c:6c:5e:a1:91:fd:21: 5d:05:80:30:5c:61:fd:67:d9:77:66:5a:a7:df:23: 56:a1:09:42:6e:1c:14:2c:41:8f:bd:56:77:f0:03: f3:2a:3d:62:0f:1f:8f:19:d1:2d:d7:78:23:23:62: 3d:1c:ef:9c:af:94:e1:37:d0:57:8a:80:7a:25:c7: 61:2d:b9:e8:08:71:52:af:24:c0:76:3c:2a:1e:4d: 28:db:ff:74:e9:47:c7:9d:c1:90:b4:91:a1:66:bf: 56:8e:57:37:a2:fc:d3:33:ca:a7:0b:20:c2:9d:78: 43:31:59:11:11:24:aa:89:50:7d:ee:62:48:76:6c: 8f:79:78:10:63:31:17:1f:80:c7:8b:0a:ff:74:14: d9:b7:d7:e2:ab:49:03:21:f5:e2:79:98:98:b8:b5: 9a:0a:e1:fa:b1:d9:70:9e:ab:37:1d:16:ea:a6:44: ac:55:8e:5a:d7:55:83:e3:c9:14:54:73:4f:0b:16: ea:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:75:38:9B:BB:A7:57:69:A2:6D:61:6E:D5:03:BE:36:99:EB:4E:7C X509v3 Authority Key Identifier: keyid:31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/53U4m7unV2mibWFu1QO-NpnrTnw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.115.206.0/23 85.153.1.0-85.153.10.255 85.153.33.0/24 85.153.43.0/24 85.153.47.0/24 85.153.56.0/24 85.153.58.0/24 85.153.65.0/24 85.153.74.0-85.153.80.255 85.153.93.0/24 85.153.112.0/24 85.153.115.0-85.153.118.255 85.153.120.0/22 Signature Algorithm: sha256WithRSAEncryption 08:32:92:71:3a:81:44:48:47:bd:31:a4:20:f5:49:0d:cc:05: 89:40:7e:1a:44:40:e6:d5:7a:d2:ac:6e:42:c0:cc:83:76:1a: 37:48:e6:5b:b6:e2:3e:b6:01:f6:89:c6:3a:6f:66:c0:f1:95: e5:29:b7:55:25:f2:c3:dd:16:87:2a:b8:4d:96:df:75:0a:25: 1c:32:cf:26:0e:e6:97:8a:f4:3f:43:16:59:d1:37:79:64:65: 23:82:25:7d:c5:81:1e:01:2e:a2:cc:76:ff:78:ac:0c:5d:a2: d1:58:27:90:e2:8b:31:25:f2:70:55:0a:54:58:1c:05:9c:37: 71:4a:a5:6b:96:0a:5e:87:23:db:0c:a2:6f:e9:89:ac:b0:13: 83:6a:c5:30:36:44:c3:de:a2:0a:05:5a:58:6e:b9:4a:85:ad: a6:20:af:6c:6b:96:ec:b2:11:83:49:68:07:45:2a:2a:a8:bc: d8:12:e9:0d:82:16:67:fd:25:12:3f:0d:1e:65:e7:cf:b6:53: 5b:50:a6:b9:d1:6d:77:a6:37:55:75:45:e9:b9:8f:17:24:33: f1:56:71:b1:b3:d1:58:fe:45:6f:21:8c:14:f5:7c:5b:ee:64: 6d:53:9f:21:e6:e8:da:ad:c3:ff:4d:0c:5b:28:95:20:bf:70: 0f:f9:26:22 -----BEGIN CERTIFICATE----- MIIFXTCCBEWgAwIBAgISAZt+OTNC2BDWHtL/OSZbZWxGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMxYTE4NWQwZWIwY2E3ODExYzU4NjQyNWRlMGU5NjBlMWNm ZWI2MWIwHhcNMjYwMTAyMTAyMDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlNzc1Mzg5YmJiYTc1NzY5YTI2ZDYxNmVkNTAzYmUzNjk5ZWI0ZTdjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA89CAsST8dhDpXXn8o7QXdhI1NHS8 ufpykFKK4jBUWdd4CVwXTb+GNmdnPGz3EFc5CxbO8dnNwG5qR6Yb29dlEyzN3Gxs XqGR/SFdBYAwXGH9Z9l3Zlqn3yNWoQlCbhwULEGPvVZ38APzKj1iDx+PGdEt13gj I2I9HO+cr5ThN9BXioB6JcdhLbnoCHFSryTAdjwqHk0o2/906UfHncGQtJGhZr9W jlc3ovzTM8qnCyDCnXhDMVkRESSqiVB97mJIdmyPeXgQYzEXH4DHiwr/dBTZt9fi q0kDIfXieZiYuLWaCuH6sdlwnqs3HRbqpkSsVY5a11WD48kUVHNPCxbqsQIDAQAB o4ICaTCCAmUwHQYDVR0OBBYEFOd1OJu7p1dpom1hbtUDvjaZ6058MB8GA1UdIwQY MBaAFDGhhdDrDKeBHFhkJd4Olg4c/rYbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUt MWRjYzg2YzExZTc0LzEvNTNVNG03dW5WMm1pYldGdTFRTy1OcG5yVG53LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUtMWRjYzg2YzExZTc0 LzEvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQBVXPOMAwD BABVmQEDBABVmQoDBABVmSEDBABVmSsDBABVmS8DBABVmTgDBABVmToDBABVmUEw DAMEAVWZSgMEAFWZUAMEAFWZXQMEAFWZcDAMAwQAVZlzAwQAVZl2AwQCVZl4MA0G CSqGSIb3DQEBCwUAA4IBAQAIMpJxOoFESEe9MaQg9UkNzAWJQH4aREDm1XrSrG5C wMyDdho3SOZbtuI+tgH2icY6b2bA8ZXlKbdVJfLD3RaHKrhNlt91CiUcMs8mDuaX ivQ/QxZZ0Td5ZGUjgiV9xYEeAS6izHb/eKwMXaLRWCeQ4osxJfJwVQpUWBwFnDdx SqVrlgpehyPbDKJv6YmssBODasUwNkTD3qIKBVpYbrlKha2mIK9sa5bsshGDSWgH RSoqqLzYEukNghZn/SUSPw0eZefPtlNbUKa50W13pjdVdUXpuY8XJDPxVnGxs9FY /kVvIYwU9Xxb7mRtU58h5ujarcP/TQxbKJUgv3AP+SYi -----END CERTIFICATE-----Generated at Mon Jan 26 11:31:05 2026 by rpki-client